I searched some posts that said add 1900 to the trusted ports, or via a iptable rule: -A INPUT -m state --state NEW -m udp -p udp --sport 1900 -j ACCEPT". However, Transmission can't open ports anyway.

I also tested with upnp-inspector, which is better than Transmission, it could detect my upnp router after add 1900 to the trusted ports, but the detection is slower than if the firewall is disabled.

Yes, Its just slightly better... The main issue is even if you open ports on the router, Iptables will block that port at your localhost. I have strong Iptables rules, then port forwards for my specific apps. Then I disable UPNP, and then I get the benefit of the firewall.
–
TechZillaJan 18 '12 at 12:07